CVE-2021-3996

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3996
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3996.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-3996
Downstream
Related
Published
2022-08-23T20:15:08.560Z
Modified
2026-04-12T01:58:35.394558Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems.

Database specific 
{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "35"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/util-linux/util-linux

Affected ranges

Type
GIT
Repo
https://github.com/util-linux/util-linux
Events
Introduced
d4319b91c9d7d69e7b954fc66819214f81501312
Fixed
331a1e6e10f7943a12112c7161a8c995c1c5b9b9
Fixed
166e87368ae88bf31112a30e078cceae637f4cdb
Database specific 
{
    "source": [
        "CPE_FIELD",
        "REFERENCES"
    ],
    "cpe": "cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "2.34"
        },
        {
            "fixed": "2.37.3"
        }
    ]
}

Affected versions

v2.*
v2.34
v2.35
v2.35-rc1
v2.35-rc2
v2.36
v2.36-rc1
v2.36-rc2
v2.37
v2.37-rc1
v2.37-rc2
v2.37.1
v2.37.2

Database specific

vanir_signatures_modified 
"2026-04-12T01:58:35Z"
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3996.json"
vanir_signatures 
[
    {
        "target": {
            "function": "get_data",
            "file": "misc-utils/findmnt.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 3726.0,
            "function_hash": "172190503425158250389494480808560178722"
        },
        "id": "CVE-2021-3996-1d58d02f",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "libmount/src/tab_parse.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "148271273388203354470307206719535892884",
                "62287315139407245811954595481725356072",
                "214980228586424104484449972395979075984",
                "217898200299446668385854001693895204685",
                "51801488505642128081018949456777325706",
                "257342031427320780263277671271392767484",
                "168136948023821894125767835402239888107",
                "127236742331569048669726256605141397714"
            ]
        },
        "id": "CVE-2021-3996-2d1d2a24",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Line"
    },
    {
        "target": {
            "function": "usage",
            "file": "misc-utils/findmnt.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 5214.0,
            "function_hash": "158498815795531669837843951447915555277"
        },
        "id": "CVE-2021-3996-42c64fc9",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "libmount/src/fs.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "286140304454410413634878294559679225379",
                "192975041025611851365509477730454023811",
                "164927361626773875653768085836916003090",
                "315158568700694488048869430152950559000",
                "315371986635039980251722367442174253558",
                "170411346683885901129397721417919139330",
                "300654987440978909167170236251493796625"
            ]
        },
        "id": "CVE-2021-3996-4782ce74",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Line"
    },
    {
        "target": {
            "function": "mnt_parse_mountinfo_line",
            "file": "libmount/src/tab_parse.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 2940.0,
            "function_hash": "315893505501780867915916644769990653558"
        },
        "id": "CVE-2021-3996-661209d0",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Function"
    },
    {
        "target": {
            "function": "mnt_fs_is_deleted",
            "file": "libmount/src/fs.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 81.0,
            "function_hash": "120976056213085741100383319772317386052"
        },
        "id": "CVE-2021-3996-93c9e9b0",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Function"
    },
    {
        "target": {
            "function": "main",
            "file": "misc-utils/findmnt.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 10685.0,
            "function_hash": "331940063383546000812631025201381521261"
        },
        "id": "CVE-2021-3996-974cdc92",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "misc-utils/findmnt.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "298855823468841395292686224986095376908",
                "66703069748486132479840055249640881267",
                "233714075636408001559557418962410107460",
                "47099453058534788772784177087901182001",
                "111462451473006695466070065962996343255",
                "114345554248835959056859442733828899902",
                "292286073993658657802662615967279738168",
                "200996797631186976073356362057259312729",
                "25624830782666857265106780171878185034",
                "167223574011331999619862769939752356439",
                "215597028844341321701811046774650302989",
                "330842130761394063961666841624178507895",
                "59484410659985697729861471062395614522",
                "273044645211350846033584871890401335473",
                "78245747810213312559139308309647888190",
                "268949403362698462011002659534011286781",
                "274980906433835594308526205823375851896",
                "264449175584110271771129178353261205817",
                "93409794396920401241971728542441572167",
                "216139292853369616917558222569159936658",
                "220399846976224944228303842596634524639",
                "86514528827020005887911999400195480317",
                "285125084310968877194948385341663239230",
                "44121081881317959019337810236318650262",
                "28866909802456987500913224205049437921",
                "20663972531521107759201287080375326472",
                "249532879622485537199582428047034223176",
                "272872723077785993134229110936859773043",
                "222791952572539269023063095560659778610",
                "207828066042423960456697170375309616514",
                "190047051100916545495807959403691222287",
                "226333833310301199192822554540295948691",
                "143811529040762080966032895854022885710",
                "153334248956534021195123426579781065793",
                "293702649514223561413169178365969606528",
                "220864291065299398209326231576015526951",
                "162057996291746731607750476800602898895",
                "18748884966158230515994239272788054447",
                "302631595818999861945477251471038051430",
                "147273131590380867193257547592252124930",
                "287739967803146989390422017736258284411",
                "282578722999074585619798239376483379638",
                "134548041378653384101393578474875873273",
                "1139099346432572383810132542762886996"
            ]
        },
        "id": "CVE-2021-3996-f75b1716",
        "source": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
        "signature_type": "Line"
    }
]